:: Re: [DNG] Another multi-user issue
Página Principal
Delete this message
Reply to this message
Autor: Rainer Weikusat
Data:  
Para: dng
Assunto: Re: [DNG] Another multi-user issue
Rainer Weikusat <rainerweikusat@???> writes:

> "Jack L. Frost" <fbt@???> writes:
>> On Sun, Apr 03, 2016 at 08:17:32PM -0400, Boruch Baum wrote:
>>> Please consider setting the default /etc/fstab to include:
>>>
>>> proc            /proc           proc    defaults,hidepid=2

>>>
>>> This has the effect of keeping the specific activities, process ids,
>>> command lines and parameters of a user from other users.
>>
>> I've been using hidepid=2 as a default in my toy distro and haven't found a
>> usecase where that would be a bad default. So unless there are common enough
>> usecases where users need to see others' processes, I agree.
>
> Since this is an argument for changing the default behaviour, there
> ought to be some "common enough" use cases where that would be
> beneficial. Eg, why should daemon processes running on a machine used by
> a single person, say, the proverbial "clueless newbie", be forcibly
> hidden from the owner of the computer unless he happens to be running as
> root?


I'd still like an answer to this question: For the common use case of a
so-called "desktop system", why should system processes be hidden from
its owner by default unless said owner does something which is actively
discouraged, IOW, "Who is trying to hide what here and whose security is
this supposed to benefit?", to word this in a somewhat loaded way.